Karl/KTVManager_Backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
KTVManager_Backend/ktvmanager/lib/database.py

240 lines
7.7 KiB
Python
Raw Permalink Normal View History

database connection pooling
2025-07-14 18:32:48 +01:00
import mysql.connector.pooling
docstrings
2025-07-15 15:45:17 +01:00
from flask import jsonify, request, current_app, Response
feat(app): restructure as a modern Flask API This commit refactors the entire backend application into a more structured and maintainable Flask project. It introduces an application factory pattern, consolidates routes into a blueprint, and implements a robust authentication and database layer. - Introduces a Flask application factory (`create_app` in `main.py`) for better organization and testability. - Consolidates all API routes into a single blueprint (`routes/api.py`) for modularity. - Implements a new basic authentication system using a decorator (`@requires_basic_auth`) to secure all endpoints. - Refactors the database access layer with standardized query execution and connection handling. - Adds new modules for core logic, including an account checker (`checker.py`) and user retrieval (`get_users.py`). - Updates the VSCode launch configuration to support the new Flask application structure. BREAKING CHANGE: The application has been completely restructured. The old `server.py` entry point is removed. The application should now be run via the app factory in `main.py`. All API endpoints now require basic authentication.
2025-07-13 19:40:04 +01:00
from ktvmanager.lib.checker import single_account_check
feat(security): implement AES-GCM for password encryption Replaces the `pyeasyencrypt` library with a more robust and standard encryption implementation using `cryptography.hazmat`. This commit introduces AES-256-GCM for encrypting and decrypting user account passwords. The `add_account` endpoint now properly encrypts passwords before database insertion. Error handling has been added to the `get_user_accounts` endpoint to manage decryption failures for legacy passwords, which will be returned as "DECRYPTION_FAILED". BREAKING CHANGE: The password encryption algorithm has been changed. All previously stored passwords are now invalid and cannot be decrypted.
2025-07-14 11:12:13 +01:00
from ktvmanager.lib.encryption import encrypt_password, decrypt_password
adding and deleting account is working
2025-07-14 19:18:47 +01:00
from ktvmanager.lib.get_urls import get_latest_urls_from_dns
docstrings
2025-07-15 15:45:17 +01:00
from typing import List, Dict, Any, Optional, Tuple
latest working sample
2025-05-10 13:58:58 +01:00
database connection pooling
2025-07-14 18:32:48 +01:00
db_pool = None
docstrings
2025-07-15 15:45:17 +01:00
def initialize_db_pool() -> None:
"""Initializes the database connection pool."""
database connection pooling
2025-07-14 18:32:48 +01:00
global db_pool
db_pool = mysql.connector.pooling.MySQLConnectionPool(
pool_name="ktv_pool",
pool_size=5,
working config.py setup
2025-07-14 13:42:58 +01:00
host=current_app.config["DBHOST"],
user=current_app.config["DBUSER"],
password=current_app.config["DBPASS"],
database=current_app.config["DATABASE"],
docstrings
2025-07-15 15:45:17 +01:00
port=current_app.config["DBPORT"],
latest working sample
2025-05-10 13:58:58 +01:00
)
notification support
2025-07-17 15:41:47 +01:00
_create_push_subscriptions_table()
def _create_push_subscriptions_table() -> None:
"""Creates the push_subscriptions table if it doesn't exist."""
query = """
CREATE TABLE IF NOT EXISTS push_subscriptions (
id INT AUTO_INCREMENT PRIMARY KEY,
user_id INT NOT NULL,
subscription_json TEXT NOT NULL,
last_notified TIMESTAMP NULL,
FOREIGN KEY (user_id) REFERENCES users(id)
)
"""
_execute_query(query)
latest working sample
2025-05-10 13:58:58 +01:00
docstrings
2025-07-15 15:45:17 +01:00
def _execute_query(query: str, params: Optional[tuple] = None) -> List[Dict[str, Any]] | Dict[str, int]:
"""Executes a SQL query and returns the result.
Args:
query: The SQL query to execute.
params: The parameters to pass to the query.
Returns:
A list of dictionaries for SELECT queries, or a dictionary with the
number of affected rows for other queries.
"""
database connection pooling
2025-07-14 18:32:48 +01:00
conn = db_pool.get_connection()
feat(app): restructure as a modern Flask API This commit refactors the entire backend application into a more structured and maintainable Flask project. It introduces an application factory pattern, consolidates routes into a blueprint, and implements a robust authentication and database layer. - Introduces a Flask application factory (`create_app` in `main.py`) for better organization and testability. - Consolidates all API routes into a single blueprint (`routes/api.py`) for modularity. - Implements a new basic authentication system using a decorator (`@requires_basic_auth`) to secure all endpoints. - Refactors the database access layer with standardized query execution and connection handling. - Adds new modules for core logic, including an account checker (`checker.py`) and user retrieval (`get_users.py`). - Updates the VSCode launch configuration to support the new Flask application structure. BREAKING CHANGE: The application has been completely restructured. The old `server.py` entry point is removed. The application should now be run via the app factory in `main.py`. All API endpoints now require basic authentication.
2025-07-13 19:40:04 +01:00
cursor = conn.cursor(dictionary=True)
try:
cursor.execute(query, params)
if query.strip().upper().startswith("SELECT"):
result = cursor.fetchall()
else:
conn.commit()
result = {"affected_rows": cursor.rowcount}
return result
finally:
cursor.close()
conn.close()
latest working sample
2025-05-10 13:58:58 +01:00
docstrings
2025-07-15 15:45:17 +01:00
def get_user_id_from_username(username: str) -> Optional[int]:
"""Retrieves the user ID for a given username.
Args:
username: The username to look up.
Returns:
The user ID if found, otherwise None.
"""
feat(app): restructure as a modern Flask API This commit refactors the entire backend application into a more structured and maintainable Flask project. It introduces an application factory pattern, consolidates routes into a blueprint, and implements a robust authentication and database layer. - Introduces a Flask application factory (`create_app` in `main.py`) for better organization and testability. - Consolidates all API routes into a single blueprint (`routes/api.py`) for modularity. - Implements a new basic authentication system using a decorator (`@requires_basic_auth`) to secure all endpoints. - Refactors the database access layer with standardized query execution and connection handling. - Adds new modules for core logic, including an account checker (`checker.py`) and user retrieval (`get_users.py`). - Updates the VSCode launch configuration to support the new Flask application structure. BREAKING CHANGE: The application has been completely restructured. The old `server.py` entry point is removed. The application should now be run via the app factory in `main.py`. All API endpoints now require basic authentication.
2025-07-13 19:40:04 +01:00
query = "SELECT id FROM users WHERE username = %s"
result = _execute_query(query, (username,))
if result:
docstrings
2025-07-15 15:45:17 +01:00
return result[0]["id"]
feat(app): restructure as a modern Flask API This commit refactors the entire backend application into a more structured and maintainable Flask project. It introduces an application factory pattern, consolidates routes into a blueprint, and implements a robust authentication and database layer. - Introduces a Flask application factory (`create_app` in `main.py`) for better organization and testability. - Consolidates all API routes into a single blueprint (`routes/api.py`) for modularity. - Implements a new basic authentication system using a decorator (`@requires_basic_auth`) to secure all endpoints. - Refactors the database access layer with standardized query execution and connection handling. - Adds new modules for core logic, including an account checker (`checker.py`) and user retrieval (`get_users.py`). - Updates the VSCode launch configuration to support the new Flask application structure. BREAKING CHANGE: The application has been completely restructured. The old `server.py` entry point is removed. The application should now be run via the app factory in `main.py`. All API endpoints now require basic authentication.
2025-07-13 19:40:04 +01:00
return None
docstrings
2025-07-15 15:45:17 +01:00
def get_user_accounts(user_id: int) -> Response:
"""Retrieves all accounts for a given user ID.
Args:
user_id: The ID of the user.
Returns:
A Flask JSON response containing the user's accounts.
"""
feat(app): restructure as a modern Flask API This commit refactors the entire backend application into a more structured and maintainable Flask project. It introduces an application factory pattern, consolidates routes into a blueprint, and implements a robust authentication and database layer. - Introduces a Flask application factory (`create_app` in `main.py`) for better organization and testability. - Consolidates all API routes into a single blueprint (`routes/api.py`) for modularity. - Implements a new basic authentication system using a decorator (`@requires_basic_auth`) to secure all endpoints. - Refactors the database access layer with standardized query execution and connection handling. - Adds new modules for core logic, including an account checker (`checker.py`) and user retrieval (`get_users.py`). - Updates the VSCode launch configuration to support the new Flask application structure. BREAKING CHANGE: The application has been completely restructured. The old `server.py` entry point is removed. The application should now be run via the app factory in `main.py`. All API endpoints now require basic authentication.
2025-07-13 19:40:04 +01:00
query = "SELECT * FROM userAccounts WHERE userID = %s"
accounts = _execute_query(query, (user_id,))
for account in accounts:
feat(security): implement AES-GCM for password encryption Replaces the `pyeasyencrypt` library with a more robust and standard encryption implementation using `cryptography.hazmat`. This commit introduces AES-256-GCM for encrypting and decrypting user account passwords. The `add_account` endpoint now properly encrypts passwords before database insertion. Error handling has been added to the `get_user_accounts` endpoint to manage decryption failures for legacy passwords, which will be returned as "DECRYPTION_FAILED". BREAKING CHANGE: The password encryption algorithm has been changed. All previously stored passwords are now invalid and cannot be decrypted.
2025-07-14 11:12:13 +01:00
try:
docstrings
2025-07-15 15:45:17 +01:00
account["password"] = decrypt_password(account["password"])
feat(security): implement AES-GCM for password encryption Replaces the `pyeasyencrypt` library with a more robust and standard encryption implementation using `cryptography.hazmat`. This commit introduces AES-256-GCM for encrypting and decrypting user account passwords. The `add_account` endpoint now properly encrypts passwords before database insertion. Error handling has been added to the `get_user_accounts` endpoint to manage decryption failures for legacy passwords, which will be returned as "DECRYPTION_FAILED". BREAKING CHANGE: The password encryption algorithm has been changed. All previously stored passwords are now invalid and cannot be decrypted.
2025-07-14 11:12:13 +01:00
except Exception as e:
# Log the error to the console for debugging
docstrings
2025-07-15 15:45:17 +01:00
print(
f"Password decryption failed for account ID {account.get('id', 'N/A')}: {e}"
)
account["password"] = "DECRYPTION_FAILED"
feat(app): restructure as a modern Flask API This commit refactors the entire backend application into a more structured and maintainable Flask project. It introduces an application factory pattern, consolidates routes into a blueprint, and implements a robust authentication and database layer. - Introduces a Flask application factory (`create_app` in `main.py`) for better organization and testability. - Consolidates all API routes into a single blueprint (`routes/api.py`) for modularity. - Implements a new basic authentication system using a decorator (`@requires_basic_auth`) to secure all endpoints. - Refactors the database access layer with standardized query execution and connection handling. - Adds new modules for core logic, including an account checker (`checker.py`) and user retrieval (`get_users.py`). - Updates the VSCode launch configuration to support the new Flask application structure. BREAKING CHANGE: The application has been completely restructured. The old `server.py` entry point is removed. The application should now be run via the app factory in `main.py`. All API endpoints now require basic authentication.
2025-07-13 19:40:04 +01:00
return jsonify(accounts)
latest working sample
2025-05-10 13:58:58 +01:00
docstrings
2025-07-15 15:45:17 +01:00
def get_stream_names() -> Response:
"""Retrieves all stream names from the database.
Returns:
A Flask JSON response containing a list of stream names.
"""
feat(app): restructure as a modern Flask API This commit refactors the entire backend application into a more structured and maintainable Flask project. It introduces an application factory pattern, consolidates routes into a blueprint, and implements a robust authentication and database layer. - Introduces a Flask application factory (`create_app` in `main.py`) for better organization and testability. - Consolidates all API routes into a single blueprint (`routes/api.py`) for modularity. - Implements a new basic authentication system using a decorator (`@requires_basic_auth`) to secure all endpoints. - Refactors the database access layer with standardized query execution and connection handling. - Adds new modules for core logic, including an account checker (`checker.py`) and user retrieval (`get_users.py`). - Updates the VSCode launch configuration to support the new Flask application structure. BREAKING CHANGE: The application has been completely restructured. The old `server.py` entry point is removed. The application should now be run via the app factory in `main.py`. All API endpoints now require basic authentication.
2025-07-13 19:40:04 +01:00
query = "SELECT streamName FROM streams"
results = _execute_query(query)
docstrings
2025-07-15 15:45:17 +01:00
stream_names = [row["streamName"] for row in results]
feat(app): restructure as a modern Flask API This commit refactors the entire backend application into a more structured and maintainable Flask project. It introduces an application factory pattern, consolidates routes into a blueprint, and implements a robust authentication and database layer. - Introduces a Flask application factory (`create_app` in `main.py`) for better organization and testability. - Consolidates all API routes into a single blueprint (`routes/api.py`) for modularity. - Implements a new basic authentication system using a decorator (`@requires_basic_auth`) to secure all endpoints. - Refactors the database access layer with standardized query execution and connection handling. - Adds new modules for core logic, including an account checker (`checker.py`) and user retrieval (`get_users.py`). - Updates the VSCode launch configuration to support the new Flask application structure. BREAKING CHANGE: The application has been completely restructured. The old `server.py` entry point is removed. The application should now be run via the app factory in `main.py`. All API endpoints now require basic authentication.
2025-07-13 19:40:04 +01:00
return jsonify(stream_names)
latest working sample
2025-05-10 13:58:58 +01:00
docstrings
2025-07-15 15:45:17 +01:00
def single_check() -> Response | Tuple[Response, int]:
"""
Performs a check on a single account provided in the request JSON.
Returns:
A Flask JSON response with the result of the check, or an error message.
"""
feat(app): restructure as a modern Flask API This commit refactors the entire backend application into a more structured and maintainable Flask project. It introduces an application factory pattern, consolidates routes into a blueprint, and implements a robust authentication and database layer. - Introduces a Flask application factory (`create_app` in `main.py`) for better organization and testability. - Consolidates all API routes into a single blueprint (`routes/api.py`) for modularity. - Implements a new basic authentication system using a decorator (`@requires_basic_auth`) to secure all endpoints. - Refactors the database access layer with standardized query execution and connection handling. - Adds new modules for core logic, including an account checker (`checker.py`) and user retrieval (`get_users.py`). - Updates the VSCode launch configuration to support the new Flask application structure. BREAKING CHANGE: The application has been completely restructured. The old `server.py` entry point is removed. The application should now be run via the app factory in `main.py`. All API endpoints now require basic authentication.
2025-07-13 19:40:04 +01:00
data = request.get_json()
working config.py setup
2025-07-14 13:42:58 +01:00
stream_urls = current_app.config["STREAM_URLS"]
feat(app): restructure as a modern Flask API This commit refactors the entire backend application into a more structured and maintainable Flask project. It introduces an application factory pattern, consolidates routes into a blueprint, and implements a robust authentication and database layer. - Introduces a Flask application factory (`create_app` in `main.py`) for better organization and testability. - Consolidates all API routes into a single blueprint (`routes/api.py`) for modularity. - Implements a new basic authentication system using a decorator (`@requires_basic_auth`) to secure all endpoints. - Refactors the database access layer with standardized query execution and connection handling. - Adds new modules for core logic, including an account checker (`checker.py`) and user retrieval (`get_users.py`). - Updates the VSCode launch configuration to support the new Flask application structure. BREAKING CHANGE: The application has been completely restructured. The old `server.py` entry point is removed. The application should now be run via the app factory in `main.py`. All API endpoints now require basic authentication.
2025-07-13 19:40:04 +01:00
result = single_account_check(data, stream_urls)
if result:
# Here you would typically update the database with the new information
return jsonify(result)
return jsonify({"message": "All checks failed"}), 400
latest working sample
2025-05-10 13:58:58 +01:00
docstrings
2025-07-15 15:45:17 +01:00
def add_account(user_id: int) -> Response:
"""Adds a new account for a user.
Args:
user_id: The ID of the user.
Returns:
A Flask JSON response confirming the account was added.
"""
adding and deleting account is working
2025-07-14 19:18:47 +01:00
data = request.form
res = single_account_check(data, get_latest_urls_from_dns())
docstrings
2025-07-15 15:45:17 +01:00
encrypted_password = encrypt_password(data["password"])
show max connection next to stream url
2025-07-15 17:54:37 +01:00
query = "INSERT INTO userAccounts (username, stream, streamURL, expiaryDate, password, userID, maxConnections) VALUES (%s, %s, %s, %s, %s, %s, %s)"
docstrings
2025-07-15 15:45:17 +01:00
params = (
data["username"],
data["stream"],
res["url"],
res["data"]["user_info"]["exp_date"],
encrypted_password,
user_id,
show max connection next to stream url
2025-07-15 17:54:37 +01:00
res["data"]["user_info"]["max_connections"],
docstrings
2025-07-15 15:45:17 +01:00
)
feat(app): restructure as a modern Flask API This commit refactors the entire backend application into a more structured and maintainable Flask project. It introduces an application factory pattern, consolidates routes into a blueprint, and implements a robust authentication and database layer. - Introduces a Flask application factory (`create_app` in `main.py`) for better organization and testability. - Consolidates all API routes into a single blueprint (`routes/api.py`) for modularity. - Implements a new basic authentication system using a decorator (`@requires_basic_auth`) to secure all endpoints. - Refactors the database access layer with standardized query execution and connection handling. - Adds new modules for core logic, including an account checker (`checker.py`) and user retrieval (`get_users.py`). - Updates the VSCode launch configuration to support the new Flask application structure. BREAKING CHANGE: The application has been completely restructured. The old `server.py` entry point is removed. The application should now be run via the app factory in `main.py`. All API endpoints now require basic authentication.
2025-07-13 19:40:04 +01:00
result = _execute_query(query, params)
return jsonify(result)
latest working sample
2025-05-10 13:58:58 +01:00
docstrings
2025-07-15 15:45:17 +01:00
update expiry
2025-07-15 16:56:48 +01:00
def update_expiry_date(username: str, stream: str, expiry_date: str) -> None:
"""Updates the expiry date of an account.
Args:
username: The username of the account.
stream: The stream of the account.
expiry_date: The new expiry date.
"""
query = "UPDATE userAccounts SET expiaryDate = %s WHERE username = %s AND stream = %s"
params = (expiry_date, username, stream)
_execute_query(query, params)
show max connection next to stream url
2025-07-15 17:54:37 +01:00
def update_max_connections(username: str, stream: str, max_connections: int) -> None:
"""Updates the max connections of an account.
Args:
username: The username of the account.
stream: The stream of the account.
max_connections: The new max connections value.
"""
query = "UPDATE userAccounts SET maxConnections = %s WHERE username = %s AND stream = %s"
params = (max_connections, username, stream)
_execute_query(query, params)
update stream url if its changed
2025-07-15 19:21:55 +01:00
def update_stream_url(new_stream: str, old_stream: str) -> None:
"""Updates the stream URL of an account.
Args:
new_stream: The stream of the account.
old_stream: The new stream URL.
"""
query = "UPDATE userAccounts SET streamURL = %s WHERE streamURL = %s"
params = (new_stream, old_stream)
_execute_query(query, params)
docstrings
2025-07-15 15:45:17 +01:00
def delete_account(user_id: int) -> Response:
"""Deletes an account for a user.
Args:
user_id: The ID of the user.
Returns:
A Flask JSON response confirming the account was deleted.
"""
adding and deleting account is working
2025-07-14 19:18:47 +01:00
data = request.form
query = "DELETE FROM userAccounts WHERE username = %s AND stream = %s AND userId = %s"
docstrings
2025-07-15 15:45:17 +01:00
params = (data["user"], data["stream"], user_id)
feat(app): restructure as a modern Flask API This commit refactors the entire backend application into a more structured and maintainable Flask project. It introduces an application factory pattern, consolidates routes into a blueprint, and implements a robust authentication and database layer. - Introduces a Flask application factory (`create_app` in `main.py`) for better organization and testability. - Consolidates all API routes into a single blueprint (`routes/api.py`) for modularity. - Implements a new basic authentication system using a decorator (`@requires_basic_auth`) to secure all endpoints. - Refactors the database access layer with standardized query execution and connection handling. - Adds new modules for core logic, including an account checker (`checker.py`) and user retrieval (`get_users.py`). - Updates the VSCode launch configuration to support the new Flask application structure. BREAKING CHANGE: The application has been completely restructured. The old `server.py` entry point is removed. The application should now be run via the app factory in `main.py`. All API endpoints now require basic authentication.
2025-07-13 19:40:04 +01:00
result = _execute_query(query, params)
return jsonify(result)
notification support
2025-07-17 15:41:47 +01:00
def save_push_subscription(user_id: int, subscription_json: str) -> None:
"""Saves a push subscription to the database.
Args:
user_id: The ID of the user.
subscription_json: The push subscription information as a JSON string.
"""
query = "INSERT INTO push_subscriptions (user_id, subscription_json) VALUES (%s, %s)"
params = (user_id, subscription_json)
_execute_query(query, params)
notification test
2025-07-18 09:23:24 +01:00
def get_push_subscriptions(user_id: Optional[int] = None) -> List[Dict[str, Any]]:
"""Retrieves all push subscriptions for a given user ID, or all if no user_id is provided.
notification support
2025-07-17 15:41:47 +01:00
Args:
notification test
2025-07-18 09:23:24 +01:00
user_id: The ID of the user (optional).
notification support
2025-07-17 15:41:47 +01:00
Returns:
A list of push subscriptions.
"""
notification test
2025-07-18 09:23:24 +01:00
if user_id:
query = "SELECT * FROM push_subscriptions WHERE user_id = %s"
return _execute_query(query, (user_id,))
else:
query = "SELECT * FROM push_subscriptions"
return _execute_query(query)
Reference in New Issue Copy Permalink